<?php
// Sent before any markup: tells caches not to store this page, which embeds
// the current visitor's username, UID and per-user download links.
header('Cache-Control: no-store');?>
<head><title>OSA Codeshare system</title>
<script type="text/javascript">
/**
 * Keydown filter used by the "Points" input.
 *
 * Cancels the key press (via the global `event` object) unless the key code
 * is at most 57 or in the numpad range 96-105, and also cancels any key with
 * code 48 or above while Shift is held.
 *
 * This only shapes what can be typed in the browser; the value that reaches
 * the server can still be anything, so the upload handler has to validate
 * `points` itself.
 */
function onlyNum()
{
	var code = event.keyCode;
	var numpadDigit = code >= 96 && code <= 105;
	var allowed = code <= 57 || numpadDigit;
	var shifted = code >= 48 && event.shiftKey;
	if (!allowed || shifted) {
		event.returnValue = false;
	}
}
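/**
 * Client-side check that a file was chosen and that its extension appears in
 * the '|'-separated list held in the hidden `allowType` field.
 *
 * Returns true when the extension is listed, false otherwise (after showing
 * an alert).
 *
 * This is a usability aid, not a security control: both the file name and the
 * hidden allow-list live in the browser and can be changed by the user, so
 * the upload handler must apply its own extension/content allow-list.
 */
function check_file(){
	var files=document.getElementById('file').value;
	if (files==""){
		alert("请选择要上传的文件");
		return false;
	}
	// Last ".ext" segment of the name; empty when the name has no extension
	// (previously a missing extension became the literal string "null").
	var match=/\.[^\.]+$/.exec(files);
	var fileType=match ? match[0].toLowerCase() : "";
	var allowType=document.getElementById('allowType').value.split('|');
	var pass=false;
	// Index loop instead of for...in: for...in also walks enumerable
	// properties added to Array.prototype, which are not extensions.
	for (var i=0;i<allowType.length;i++){
		if (fileType!=="" && fileType===allowType[i].toLowerCase()){
			pass=true;
			break;
		}
	}
	if (!pass) alert("不允许上传此类型文件!\r\n只允许上传以下几种类型文件:\r\n"+allowType.join('|'));
	return pass;
}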
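/**
 * onsubmit handler for the "upload" form.
 *
 * Blocks submission (event.returnValue=false) until: at least one "type[]"
 * checkbox is ticked, check_file() accepts the chosen file, "points" is a
 * plain non-negative integer, and "keywords" is not empty.
 *
 * All of this runs in the browser only. A request built by hand skips it, so
 * the upload handler must repeat every one of these checks server-side.
 */
function validate(){
	event.returnValue=false;
	// Explicit form reference instead of `with`, which is a syntax error in
	// strict mode and makes name resolution depend on the form's fields.
	var form=document.upload;
	var types=document.getElementsByName("type[]");
	var anyChecked=false;
	for(var i=0;i<types.length;i++){
		if(types[i].checked){
			anyChecked=true;
			break;
		}
	}
	if(!anyChecked){
		alert("At least one type should be specified!"); return;
	}
	if(!check_file()) return;
	// Digits only: isNaN() treated "", "-5", "1.5" and "0x10" as valid numbers.
	if(!/^\d+$/.test(form.points.value)){
		alert("Invalid points!");
		form.points.value="50";return;
	}
	if(form.keywords.value.length==0){
		alert("Keywords cannot be empty!"); return;
	}
	event.returnValue=true;
}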
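/**
 * Requests resource `i` by posting the hidden "userinfo" form to
 * /php/download.php with RID set to `i`.
 *
 * The RID (and the UID already in that form) are chosen by the browser, so
 * the link being rendered is not an authorization decision: download.php,
 * which is not part of this page, has to re-check who is asking and whether
 * they may fetch that resource.
 */
function rdownload(i){
	// Explicit form reference instead of `with`, which is a syntax error in
	// strict mode.
	var form=document.userinfo;
	form.RID.value=i;
	form.action="/php/download.php";
	form.submit();
}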
</script></head>
<body>
Welcome
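<?php
// Opens the database connection used by the whole page and works out who the
// visitor is. Sets $user (username or 'guest'), and for logged-in visitors
// $UID and $points.
//
// NOTE(review): the mysql_* extension used here was removed in PHP 7. Moving
// to mysqli/PDO with prepared statements has to be done for the whole page at
// once because $con is shared by the later queries.
// NOTE(review): the connection is made as "William" with no password
// argument; confirm that account is local-only and has minimal privileges.
$con=mysql_connect("localhost","William");

if (!$con){
	// Keep driver details in the server log; do not show them to visitors.
	error_log("MySQL connect error: " . mysql_error());
	die("Internal error: database unavailable.");
}
if(!mysql_select_db("osa", $con)){
	error_log("MySQL select_db error: " . mysql_error($con));
	die("Internal error: database unavailable.");
}
$success=false;
// Defaults so guest requests never read undefined variables.
$UID=null;
$points=0;
// NOTE(review): the visitor is identified only by source IP address. Everyone
// behind the same NAT or proxy as a logged-in user is treated as that user,
// and the login survives until the onlineuser row is removed. A server-side
// session bound to a random cookie would be the usual replacement.
$IP=$_SERVER["REMOTE_ADDR"];
$query=mysql_query("SELECT * FROM onlineuser WHERE loginip='" . mysql_real_escape_string($IP, $con) . "'",$con);
if(!$query){
	error_log("MySQL query error: " . mysql_error($con));
	die("Internal error: database query failed.");
}
$row=mysql_fetch_array($query);
if($row){
	// Cast before the value is placed, unquoted, into the next statement.
	$UID=(int)$row['UID'];
	$query=mysql_query("SELECT * FROM user WHERE UID=" . $UID,$con);
	if(!$query){
		error_log("MySQL query error: " . mysql_error($con));
		die("Internal error: database query failed.");
	}
	$row=mysql_fetch_array($query);
	if(!$row) die("Internal error: UID $UID not found.");
	$user=$row['username'];
	$points=$row['point'];
}else
	$user='guest'; ?>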
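<b><?php echo htmlspecialchars((string)$user, ENT_QUOTES, 'UTF-8'); ?></b>
<?php
// Navigation links plus the upload form, shown to logged-in users only.
//
// Values from the database are HTML-escaped before being written into the
// page; a username containing markup would otherwise run as script for every
// viewer. Assumes stored text is UTF-8 -- TODO confirm against the schema.
//
// NOTE(review): UID travels in hidden fields, which the user can edit before
// submitting. center.php, logout.php, upload.php and download.php are not
// shown here; they should take the acting user from server-side state rather
// than from this field.
// NOTE(review): neither form carries an anti-CSRF token -- confirm whether the
// handlers check one by another means.
// NOTE(review): allowType only feeds the browser-side check_file(); the
// upload handler needs its own allow-list and should store files where they
// cannot be executed by the web server.
if($user!="guest"){?>&nbsp;
<a href='javascript:;' onClick='document.userinfo.action="/php/center.php";document.userinfo.submit();'>Personal center</a>&nbsp;
<a href='javascript:;' onClick='document.userinfo.action="/php/logout.php";document.userinfo.submit();'>Logout</a>
<form name="userinfo" style="visibility:hidden" method="post">
<input type="hidden" name="UID" value="<?php echo htmlspecialchars((string)$UID, ENT_QUOTES, 'UTF-8');?>" />
<input type="hidden" name="RID"/>
</form>
<form name="upload" action="upload.php" method="post" enctype="multipart/form-data" onsubmit="validate()">
<input type="hidden" name="UID" value="<?php echo htmlspecialchars((string)$UID, ENT_QUOTES, 'UTF-8');?>">
<input type="hidden" name="allowType" id="allowType" value=".c|.pas|.cpp|.rar|.zip|.7z|.txt|.doc|.xls|.docx|.xlsx" />
File:<input type="file" name="file" id="file" /> <br />
Points: <input type="text" name="points" value="50" onKeydown="onlyNum();" onContextMenu="event.returnValue=true;"/><br />
Type:<input type="checkbox" name="type[]" value="C"/>C
<input type="checkbox" name="type[]" value="Pascal"/>Pascal<br />
Keywords:<input type="text" name="keywords" maxLength=255/><br />
<br />
<input type="submit" name="submit" value="Upload" />
</form>
<?php }?>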
<hr>
Resources uploaded on the server:
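<table border = "1">
<tr><th>User</th><th>File name</th><th>Type</th><th>points</th><th>Keywords</th><th>Uploaded on</th><?php if($user!="guest"){?><th>Download Link</th><?php } ?></tr>
<?php
// Lists every uploaded resource, newest first, with a download link for
// logged-in users who have enough points or who own the resource.
//
// File names, keywords and usernames are supplied by uploaders, so each cell
// is HTML-escaped on output; printed raw, markup stored in any of them would
// run in every visitor's browser. Assumes stored text is UTF-8 -- TODO
// confirm against the schema.
//
// NOTE(review): the points/ownership test below only decides whether the link
// is drawn. The RID is posted by the browser, so download.php (not shown
// here) has to repeat the check before serving the file.
$query=mysql_query("SELECT resource.*,user.username FROM resource,user WHERE resource.uid=user.uid ORDER BY uploadtime DESC",$con);
if(!$query){
	// Keep driver details in the server log; do not show them to visitors.
	error_log("MySQL query error: " . mysql_error($con));
	die("Internal error: database query failed.");
}
while($row = mysql_fetch_array($query)){ ?>
<tr><td><?php echo htmlspecialchars((string)$row["username"], ENT_QUOTES, 'UTF-8'); ?></td><td><?php echo htmlspecialchars((string)$row["name"], ENT_QUOTES, 'UTF-8'); ?></td><td><?php echo htmlspecialchars((string)$row["type"], ENT_QUOTES, 'UTF-8'); ?></td>
<td><?php echo htmlspecialchars((string)$row["points"], ENT_QUOTES, 'UTF-8'); ?></td>
<td><?php echo htmlspecialchars((string)$row["keywords"], ENT_QUOTES, 'UTF-8'); ?></td><td><?php echo htmlspecialchars((string)$row["uploadTime"], ENT_QUOTES, 'UTF-8'); ?></td>
<?php if($user != "guest"){ ?>
<td>
<?php
if($points >= $row["points"]||$row["UID"]==$UID){
	// Integer cast: the value is written into an inline script handler. ?>
<a href='javascript:;' onClick='rdownload(<?php echo (int)$row["RID"]; ?>);'>download</a>
<?php } ?>
</td>
<?php } ?>
</tr>
<?php }?>
</table>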
</body>
<?php
// Release the connection opened by mysql_connect() at the top of the page.
mysql_close($con);?>
